-
04-21-2020, 05:30 AM #51 New Member
- Join Date: Jan 2017
- Posts: 3
Anti-DDoS Hetzner
Hello All,
I have been in the same situation, getting attacks from 100Gbp/s up to 500Gbp/s, and the server would go down for a long time.
My solution was this, at the robot panel: (make sure you edit /etc/resolv.conf and add 8.8.8.8 DNS)
i.postimg.cc/7ZYLMwNP/firewall-rules.png
Also, if the rules above don't work for you, be sure to use iftop and monitor incoming connections, see if most of the spoofed IPs attacking you come from the same source port, and make sure you block those source ports at the firewall provided on the robot panel.
As most of these DDoS attacks are from amplified attacks, it's fairly easy to detect and create the set of rules on the firewall; it won't even hit your dedicated box, the packets will be stuck at the hops.
Here's the network graph: (note that I was pinging my dedicated server and didn't even time out once)
i.postimg.cc/tCg7Xjmx/DDoS.png
Let me know if this helps you guys out. I have had no downtime ever since and I get DDoS attacks nearly every day. Only thing to note here is: I have seen a lot of people complaining that OVH is better or has a stronger network; bear in mind that even OVH can get taken down if the attack is on layer 7. I have seen attacks of 4mbit/s crashing down game servers hosted by OVH; all it takes is the anti-DDoS thinking it's legit packets.
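The check described in post #51 (watch inbound traffic and see whether most of the spoofed sources share one source port), as an added example that is not part of the original post. It assumes packet lines in the style of `tcpdump -nn -q`; the function name, the sample addresses and the 20% threshold are constructed for illustration, and 8.8.8.8 is skipped on the assumption that it is the server's own resolver, as the post configures.

```python
import re
from collections import Counter, defaultdict

# UDP services commonly abused as reflectors; attack packets arrive FROM these ports.
AMPLIFIER_PORTS = {19: "chargen", 53: "dns", 123: "ntp", 161: "snmp",
                   389: "cldap", 1900: "ssdp", 11211: "memcached"}

# Matches quiet tcpdump lines such as:
#   IP 198.51.100.7.123 > 203.0.113.10.44321: UDP, length 468
UDP_LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.\d+: UDP, length (\d+)")

def dominant_source_ports(lines, server_ip, trusted=("8.8.8.8",), min_share=0.2):
    """Return (port, service, byte_share, distinct_sources) for each inbound UDP
    source port carrying at least min_share of the bytes, largest first."""
    bytes_by_port = Counter()
    sources_by_port = defaultdict(set)
    for line in lines:
        m = UDP_LINE.search(line)
        if not m:
            continue  # not UDP, or not a line this parser understands
        src, sport, dst, length = m.group(1), int(m.group(2)), m.group(3), int(m.group(4))
        if dst != server_ip or src in trusted:
            continue  # outbound traffic, or replies from our own resolver
        bytes_by_port[sport] += length
        sources_by_port[sport].add(src)
    total = sum(bytes_by_port.values())
    return [(port, AMPLIFIER_PORTS.get(port, "unknown"), round(n / total, 2),
             len(sources_by_port[port]))
            for port, n in bytes_by_port.most_common() if n / total >= min_share]

# Constructed sample capture using documentation address ranges, not data from the thread.
SAMPLE = [
    "05:30:01.000101 IP 198.51.100.7.123 > 203.0.113.10.44321: UDP, length 468",
    "05:30:01.000102 IP 198.51.100.8.123 > 203.0.113.10.44321: UDP, length 468",
    "05:30:01.000103 IP 192.0.2.14.123 > 203.0.113.10.51000: UDP, length 468",
    "05:30:01.000104 IP 192.0.2.99.123 > 203.0.113.10.51000: UDP, length 468",
    "05:30:01.000105 IP 8.8.8.8.53 > 203.0.113.10.39000: UDP, length 120",
    "05:30:01.000106 IP 192.0.2.50.40000 > 203.0.113.10.27015: UDP, length 60",
    "05:30:01.000107 IP 203.0.113.10.27015 > 192.0.2.50.40000: UDP, length 90",
    "05:30:01.000108 IP 192.0.2.60.51515 > 203.0.113.10.443: tcp 0",
]

if __name__ == "__main__":
    for port, service, share, nsrc in dominant_source_ports(SAMPLE, "203.0.113.10"):
        print(f"udp source port {port} ({service}): {share:.0%} of bytes, {nsrc} sources")
```

A source port that dominates the byte count across many distinct senders is the candidate for a source-port drop rule at the upstream firewall, as the post suggests.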
-
04-21-2020, 06:21 AM #52 New Member
- Join Date: Jan 2017
- Posts: 3
NEW RULES
i.postimg.cc/13pG5x9G/firewall-rules.png
-
04-22-2020, 05:03 AM #53 Newbie
- Join Date: Jan 2020
- Posts: 6
Hetzner have been notorious for null routing IPs unless you pay them a premium for protection. Obviously OVH is the best there is for cost-effective DDoS protection.
Worth noting, if your budget is high: https://www.voxility.com/
They provide 1TB DDoS protection at a price.
-
04-26-2020, 06:26 PM #54 Aspiring Evangelist
- Join Date: Dec 2010
- Location: Italy
- Posts: 424
On my Hetzner server they have nulled the IP for AttackOutLevel: OUT Attack. Do you know what to do in this case?
-
04-26-2020, 07:03 PM #55 Web Hosting Guru
- Join Date: Dec 2007
- Location: ONLINE
- Posts: 305
Assuming your server isn't hacked, you may be getting SYN flooded to where your server responds back with massive loads of SYN-ACK, or DNS floods where your server responds to bot-generated queries. A cap will tell you more, but most providers will drop, shut you down on outbound attacks; cost them more than inbound.
--
CLAG
-
04-26-2020, 07:06 PM #56 Aspiring Evangelist
- Join Date: Dec 2010
- Location: Italy
- Posts: 424
The server is new, only a week old, so I don't think it's hacked. I have transferred sites to this server that were resident on another server that was experiencing DDoS attacks, so one of these sites is likely to be the problem. Now I'm buying Imunify360 to see if I solve the SYN flood problem.
-
04-27-2020, 05:50 AM #58 Aspiring Evangelist
- Join Date: Dec 2010
- Location: Italy
- Posts: 424
However, just for knowledge, since I installed Imunify360 it seems that the problem has been solved; it is truly a great product.